1 - 6 CCNA 4: WAN Technologies v 3.0 - Lab 1.1.4b Copyright  2003, Cisco Systems, Inc.
Lab 1.1.4b Configuring NAT Objective
• Configure a router to use Port Address Translation (PAT) to convert internal IP addresses,
typically private addresses, into an outside public address.
Background/Preparation
Aidan McDonald has just received a DSL line Internet connection to a local ISP in his home. The ISP
has allocated only one IP address to be used on the serial port of his remote access device. Routing
between the ISP and the home router is done using a static route between the ISP and the gateway
routers, and a default route between the gateway and the ISP routers. The ISP connection to the
Internet will be represented by a loopback address on the ISP router.
Cable a network similar to the one in the diagram. Any router that meets the interface requirements
displayed on the above diagram may be used. This includes the following and any of their possible
combinations:
• 800 series routers
• 1600 series routers
• 1700 series routers
• 2500 series routers
2 - 6 CCNA 4: WAN Technologies v 3.0 - Lab 1.1.4b Copyright  2003, Cisco Systems, Inc.

• 2600 series routers
Please refer to the chart at the end of the lab to correctly identify the interface identifiers to be used
based on the equipment in this lab. The configuration output used in this lab is produced from 1721
series routers. Any other router used may produce slightly different output. Conduct the following
steps on each router unless specifically instructed otherwise.
Start a HyperTerminal session.


route
a. Add a default route from the Gateway to the ISP router. This will forward any unknown
destination address traffic to the ISP. Use the ip route command to create the default route:

Gateway(config)#ip route 0.0.0.0 0.0.0.0 200.2.2.17

b. Is the route in the routing table?
_______________________________________________

c. Try to ping from one of the workstations to the ISP serial interface IP address.
d. Was the ping successful?
____________________________________________________

3 - 6 CCNA 4: WAN Technologies v 3.0 - Lab 1.1.4b Copyright  2003, Cisco Systems, Inc.

e. Why?
__________________________________________________________________

f. What command checks the routing table contents?
_________________________________

Step 6 Define an access list that will match the inside private IP addresses
To define the access list to match the inside private addresses, use the access list command:

Gateway(config)#access-list 1 permit 10.10.10.0 0.0.0.255

Step 7 Define the PAT translation from inside list to outside address
To define the PAT translation, use the ip nat inside source command. This command with
the overload option will create port address translation using the serial 0 IP address as the base:


Upon completion of the previous steps finish the lab by doing the following:
• Logoff by typing exit
• Turn the router off
• Remove and store the cables and adapter
4 - 6 CCNA 4: WAN Technologies v 3.0 - Lab 1.1.4b Copyright  2003, Cisco Systems, Inc.

Configuration reference sheet
This sheet contains the basic configuration commands for the ISP and Gateway routers:

ISP
Router#configure terminal
Router(config)#hostname ISP
ISP(config)#enable password cisco
ISP(config)#enable secret class
ISP(config)#line console 0
ISP(config-line)#password cisco
ISP(config-line)#login
ISP(config-line)#exit
ISP(config)#line vty 0 4
ISP(config-line)#password cisco
ISP(config-line)#login
ISP(config-line)#exit
ISP(config)#interface loopback 0
ISP(config-if)#ip address 172.16.1.1 255.255.255.255
ISP(config-if)#no shutdown
ISP(config-if)#exit
ISP(config)#interface serial 0
ISP(config-if)#ip address 200.2.2.17 255.255.255.252
ISP(config-if)#no shutdown

If prompted for a password, enter class (if that does not work, ask the instructor).

Router>enable

At the privileged exec mode enter the command erase startup-config.

Router#erase startup-config

The responding line prompt will be:

Erasing the nvram filesystem will remove all files! Continue? [confirm]

Press Enter to confirm.
The response should be:
Erase of nvram: complete
Now at the privileged exec mode enter the command reload.

Router(config)#reload

The responding line prompt will be:
System configuration has been modified. Save? [yes/no]:
Type n and then Enter.
The responding line prompt will be:
Proceed with reload? [confirm]
Press Enter to confirm.
In the first line of the response will be:
Reload requested by console.
After the router has reloaded the line prompt will be:
Would you like to enter the initial configuration dialog? [yes/no]:
Type n and then Enter.